using Tomcat as container and enabling SSL leads to error, that the browser that
accesses the RAP app reports that there is mixed content, meaning that there are
some sources that are not encrypted. this causes the page to be displayed as not-secure.

there already was a topic about a similar problem in this newsgroup, but this time
this happens with firefox (3.5.2) as well as with IE 8. the ssl encryption works because
when accessing the tomcat html manager the site is correctly marked as secure and encrypted.

but strange is that this problem also occures with firefox.
i don't use any absolute paths or redirects to possibly unsecure http links...
i do use .png, .gif and .jpg pictures though.

i could not track down the ressources which the browser blames to be unsafe,
maybe anyone can confirm this problem, or maybe someone has a clean ssl/tomcat environment
and could explain his setup so we can track down any differences?!

i could figure out what caused this behaviour. i'm using the (gorgeous) google visualization
example from the inqle project by David Donohue.

in the file org.inqle.ui.google.widgets/src/org/inqle/ui/google/jsapi/Go ogleAPIResource.java
there is a link to the google json api (location = "http://www.google.com/jsapi";) which
is loaded during startup, thus causing the non-secure content in the browser.

Benjamin Wolff schrieb:
> Hi,
>
>
> using Tomcat as container and enabling SSL leads to error, that the
> browser that
> accesses the RAP app reports that there is mixed content, meaning that
> there are
> some sources that are not encrypted. this causes the page to be
> displayed as not-secure.
>
> there already was a topic about a similar problem in this newsgroup, but
> this time
> this happens with firefox (3.5.2) as well as with IE 8. the ssl
> encryption works because
> when accessing the tomcat html manager the site is correctly marked as
> secure and encrypted.
>
> related qooxdoo bugs can be found here:
>
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=1021
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=890
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=710
>
> but strange is that this problem also occures with firefox.
> i don't use any absolute paths or redirects to possibly unsecure http
> links...
> i do use .png, .gif and .jpg pictures though.
>
> i could not track down the ressources which the browser blames to be
> unsafe,
> maybe anyone can confirm this problem, or maybe someone has a clean
> ssl/tomcat environment
> and could explain his setup so we can track down any differences?!
>
> can we excluded, that RAP loads any 'unsecure' elements?!
>
>
> greetings,
>
> ben]]>Benjamin Wolff2009-08-06T19:15:07-00:00Re: RAP, Tomcat and SSLhttps://www.eclipse.org/forums/index.php/mv/msg/152067/478848/#msg_478848
in IE when running under SSL. See this bug

Benjamin Wolff schrieb:
> Hi,
>
>
> using Tomcat as container and enabling SSL leads to error, that the
> browser that
> accesses the RAP app reports that there is mixed content, meaning that
> there are
> some sources that are not encrypted. this causes the page to be
> displayed as not-secure.
>
> there already was a topic about a similar problem in this newsgroup, but
> this time
> this happens with firefox (3.5.2) as well as with IE 8. the ssl
> encryption works because
> when accessing the tomcat html manager the site is correctly marked as
> secure and encrypted.
>
> related qooxdoo bugs can be found here:
>
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=1021
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=890
> http://bugzilla.qooxdoo.org/show_bug.cgi?id=710
>
> but strange is that this problem also occures with firefox.
> i don't use any absolute paths or redirects to possibly unsecure http
> links...
> i do use .png, .gif and .jpg pictures though.
>
> i could not track down the ressources which the browser blames to be
> unsafe,
> maybe anyone can confirm this problem, or maybe someone has a clean
> ssl/tomcat environment
> and could explain his setup so we can track down any differences?!
>
> can we excluded, that RAP loads any 'unsecure' elements?!
>
>
> greetings,
>
> ben]]>Stefan 2009-08-07T08:51:40-00:00Re: RAP, Tomcat and SSLhttps://www.eclipse.org/forums/index.php/mv/msg/152067/1076396/#msg_1076396
It seems that since 2.1, the mixed content warning in IE8 is here again.

I tested with rap demo app, in 2.0 no warning, in 2.1 there is a warning, it seems to be the case with any RAP application

Bestregards
]]>Arnaud MERGEY2013-07-31T10:14:50-00:00Re: RAP, Tomcat and SSLhttps://www.eclipse.org/forums/index.php/mv/msg/152067/1077123/#msg_1077123
I'm afraid we have to live with IE8 a while longer. So yes, please open
a new bug for this issue. If you can help investigating the cause of
this warning, that would be very appreciated.